Example 66 with Collection
use of org.xmldb.api.base.Collection in project exist by eXist-db.
the class XMLDBSecurityTest method groupMemberChownGidResource.
/**
* Group Member can NOT change the owner gid of a resource
* to a group of which they are a member
*
* As the user 'test2' (who is in the group users)
* attempt to change ownership gid of /db/securityTest1/test.xml (which has uid 'test1' and gid 'users')
* to the group 'test2-only' (of which they are a member)
*/
@Test(expected = XMLDBException.class)
public void groupMemberChownGidResource() throws XMLDBException {
final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test2", "test2");
final Resource resource = test.getResource("test.xml");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
// attempt to have user 'test2' take gid ownership of /db/securityTest1/test.xml (which is owned by test1:users)
ums.chgrp(resource, "test2-only");
}
Also used :
BinaryResource(org.xmldb.api.modules.BinaryResource)
XMLResource(org.xmldb.api.modules.XMLResource)
Resource(org.xmldb.api.base.Resource)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 67 with Collection
use of org.xmldb.api.base.Collection in project exist by eXist-db.
the class XMLDBSecurityTest method cannotCreateXmlResourceWithoutWritePermissionOnParentCollection.
@Test(expected = XMLDBException.class)
public void cannotCreateXmlResourceWithoutWritePermissionOnParentCollection() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("--x------");
test.close();
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final Resource resource = test.createResource("other.xml", XMLResource.RESOURCE_TYPE);
resource.setContent("<other/>");
test.storeResource(resource);
}
Also used :
BinaryResource(org.xmldb.api.modules.BinaryResource)
XMLResource(org.xmldb.api.modules.XMLResource)
Resource(org.xmldb.api.base.Resource)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 68 with Collection
use of org.xmldb.api.base.Collection in project exist by eXist-db.
the class XMLDBSecurityTest method groupNonMemberChownGidCollection.
/**
* Group Member can NOT change owner gid of a collection
* to a group of which we are NOT a member
*
* As the user 'test2' (who is in the group users)
* attempt to change ownership gid of /db/securityTest1
* to the group 'guest' (of which they are NOT a member)
*/
@Test(expected = XMLDBException.class)
public void groupNonMemberChownGidCollection() throws XMLDBException {
final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test2", "test2");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
// attempt to take gid ownership of /db/securityTest1
ums.chgrp("guest");
}
Also used :
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 69 with Collection
use of org.xmldb.api.base.Collection in project exist by eXist-db.
the class XMLDBSecurityTest method canOpenRootCollectionWithExecute.
@Test
public void canOpenRootCollectionWithExecute() throws XMLDBException {
final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db", "admin", "");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("--x--x--x");
test.close();
DatabaseManager.getCollection(getBaseUri() + "/db", "test1", "test1");
}
Also used :
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 70 with Collection
use of org.xmldb.api.base.Collection in project exist by eXist-db.
the class XMLDBSecurityTest method canReadXmlResourceWithOnlyReadPermission.
@Test
public void canReadXmlResourceWithOnlyReadPermission() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
Resource resource = test.getResource("test.xml");
ums.chmod(resource, "r--------");
test.close();
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
resource = test.getResource("test.xml");
assertEquals("<test/>", resource.getContent());
}
Also used :
BinaryResource(org.xmldb.api.modules.BinaryResource)
XMLResource(org.xmldb.api.modules.XMLResource)
Resource(org.xmldb.api.base.Resource)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Aggregations
Collection (org.xmldb.api.base.Collection)345
XMLResource (org.xmldb.api.modules.XMLResource)140
Test (org.junit.Test)115
Resource (org.xmldb.api.base.Resource)111
UserManagementService (org.exist.xmldb.UserManagementService)91
CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)85
BinaryResource (org.xmldb.api.modules.BinaryResource)80
XMLDBException (org.xmldb.api.base.XMLDBException)68
ResourceSet (org.xmldb.api.base.ResourceSet)55
EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)48
XPathQueryService (org.xmldb.api.modules.XPathQueryService)31
EXistResource (org.exist.xmldb.EXistResource)25
EXistXPathQueryService (org.exist.xmldb.EXistXPathQueryService)20
Before (org.junit.Before)20
URISyntaxException (java.net.URISyntaxException)18
Path (java.nio.file.Path)18
InputStream (java.io.InputStream)17
BuildException (org.apache.tools.ant.BuildException)14
XmldbURI (org.exist.xmldb.XmldbURI)13
Account (org.exist.security.Account)10
